163 matches found
[SECURITY] [DLA 2785-1] linux-4.19 security update
Debian LTS Advisory DLA-2785-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 15, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.208-1deb9u1 CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600 CVE-2021-3612 CVE-2021-3653...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9488)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9488 advisory. - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Han...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9459)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9459 advisory. - fs/namespace.c: fix mountpoint reference counter race Piotr Krysiuk Orabug: 33369433 CVE-2020-12114 CVE-2020-12114 - btrfs: only search for...
CVE-2021-3655 affecting package kernel 5.10.189.1-1
CVE-2021-3655 affecting package kernel 5.10.189.1-1. A patched version of the package is available...
CVE-2021-3655
CVE-2021-3655 is a Linux kernel SCTP vulnerability (present in kernels prior to affected fixes) where missing size validations on inbound SCTP packets may allow reading uninitialized memory. The initial description and connected advisories confirm the issue exists in the Linux kernel SCTP impleme...
Design/Logic Flaw
An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices...
Multiple Xerox Product Encryption Issues Vulnerabilities
The Xerox 3655i, among others, is a multifunction printer from Xerox USA. A security vulnerability exists in several Xerox products. The following products and versions are affected: 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 device...
CVE-2014-3655
CVE-2014-3655 affects JBoss KeyCloak; vulnerability is soft token deletion via CSRF. Notable details from connected docs indicate exposure in affected Keycloak releases and a fix later stated as Keycloak 1.0.2.Final. Practical impact is limited to CSRF-enabled token deletion without broader acces...
CVE-2018-20770
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection...
CVE-2018-20767
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution...
Intel CSME / SPS and TXE Vulnerabilities - Lenovo Support US
No description provided...
Intel CSME / SPS and TXE Vulnerabilities - US
Lenovo Security Advisory: LEN-22810 Potential Impact: Elevation of privilege, information disclosure, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3655, CVE-2018-3657, CVE-2018-3658, CVE-2018-3659, CVE-2018-3616 Summary Description: Intel has disclosed...
CVE-2018-3655
The CVE-2018-3655 issue affects Intel CSME firmware before 11.21.55, Intel SPS before 4.0, and Intel TXE firmware before 3.1.55. The vulnerability allows an unauthenticated user with physical access to potentially modify or disclose information stored in the CSME/SPS/TXE subsystems. Exploitation ...
Ubuntu: Security Advisory (USN-3655-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-3655
Cross-site request forgery CSRF vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token...
CVE-2015-3655
Cross-site request forgery CSRF vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token...
CVE-2015-3655
Aruba Networks ClearPass Policy Manager is affected by a CSRF vulnerability (CVE-2015-3655) in versions prior to 6.4.7 and 6.5.x prior to 6.5.2. The flaw allows remote attackers to hijack administrator authentication due to improper enforcement of the anti-CSRF token. According to CVSS v3.1, the ...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3655)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3655 advisory. kernel-uek 4.1.12-61.1.23 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298601 CVE-2016-7117 Tenable has extracted...
Debian DSA-3655-1 : mupdf - security update
Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-6265 Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an...
Debian: Security Advisory (DSA-3655-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...